I've joined a small company who needs me to setup an infrastructure for their new half rack. That said, I'm not a network engineer and realize I need some major input here. I’m very open to suggestions and when this is done I’d also like to take all this knowledge and post a How-To doc.

Here’s what I’m aiming for so far:

Code:

Line In --> Router/Firewall -->
DNS Primary

Mail Server and DNS Secondary

Database Server

Webserver CARP 1
Webserver CARP 2
Webserver CARP 3

NFS RAID 5 WWW Data

1. What should I expect my datacenter to provide me with (ip block, what dns I use gateway, subnet masks, etc…)

2. What should the Router/Firewall be? Is there a hardware firewall/router that has a good web admin interface? Or even a software once with web interface?

3. Will all the machines use the ‘Router/Firewall’ as their default gateway and have their own publicly accessible IP address? If so, will blocking an outside IP on the ‘Router/Firewall’ disallow access to the client trying to access the database box’s IP directly.

4. Is running the DNS Secondary on the mail server a terrible idea?

5. If either the Primary of Secondary DNS goes down, will there be any service interruption?

6. Is it better to have all the boxes on internal 192.168 ip’s and have the ‘Router/Firewall’ redirect all external IP addresses to a private IP?